<?php
/**
 * 评论管理 - JBlog
 * 
 * @copyright (c) 2008-2010 JBlog (www.lisijie.org)
 * @author lisijie <lisijie86@gmail.com>
 * @version $Id: mod_comment.php 523 2010-06-23 10:06:24Z lisijie86 $
*/

!defined('IN_ADMIN') && exit('Access Denied!');

if ( !is_admin() ) {
	prompt(__('对不起，你没有权限执行这项操作。'));
}

require_once JBLOG_INC.'func_comment.php';

empty($ac) && $ac = 'list';

$uncknum = $db->count('comment', "`status`=0");

//评论列表
if ( $ac == 'list' ) {
	
	initGP(array('page','keyword','postid','filter'));

	$wheresql = '1';
	$page = max(1, intval($page));
	$pagesize = 10;
	$offset = ($page - 1) * $pagesize;
	$url = '?mod=comment';
	
	if ( $filter == 'unchk' ) {
		$wheresql .= " AND c.`status` = 0";
		$url .= '&filter='.$filter;
	}
	if ( $keyword ) {
		$keyword = str_replace(array('%','_'), array('\%','\_'), $keyword);
		$wheresql .= " AND (c.content LIKE '%$keyword%' OR c.author LIKE '%$keyword%' OR c.email LIKE '%$keyword%')";
		$url .= '&keyword='.rawurlencode($keyword);
	}
	if ( is_numeric($postid) ) {
		$wheresql .= " AND c.postid = '$postid'";
		$url .= '&postid='.$postid;
	}
	
	$count = $db->count('comment c', $wheresql);
	$result = array();
	if ( $count ) {
		$result = array();
		$query = $db->query("SELECT c.*, p.title, p.dateline AS posttime 
		FROM ".tname('comment')." c LEFT JOIN ".tname('post')." p ON c.postid = p.id
		WHERE $wheresql ORDER BY c.id DESC LIMIT $offset, $pagesize");
		while ( $row = $db->fetch_array($query) ) {
			$row['content'] = apply_filter('comment_content', $row['content']);
			$result[] = $row;
		}
	}
	
//编辑评论
} elseif ($ac == 'edit') {
	
	check_perm_prompt('comment','edit');
	
	if ( check_submit() ) {
		update_comment($_POST['id'], $_POST['comment']);
		do_action('comment_edit_submit');
		redirect($_POST['refer']);
	} else {
		$result = $db->fetch_one_array("SELECT * FROM ".tname('comment')." WHERE id = '".intval($_GET['id'])."'");
		//$result['content'] = apply_filter('comment_content',$result['content']);
	}
	
//回复评论
} elseif ( $ac == 'reply' ) {
	
	check_perm_prompt('comment','reply');
	
	if ( check_submit() ) {
		$reply = array(
			'postid'   => intval($_POST['postid']),
			'author'   => $_USER['name'],
			'userid'   => $_USER['id'],
			'email'    => $_USER['email'],
			'url'      => $_USER['url'],
			'content'  => check_str($_POST['content']),
			'dateline' => NOW,
			'ip'       => $_USER['ip'],
			'agent'    => $_SERVER['HTTP_USER_AGENT'],
			'status'   => 1
		);
		if ( empty($reply['content']) ) {
			prompt(__('评论内容不能为空。'));
		}
		if ( preg_match_all('/\[re=(\d+),([^\]]+?)]/is',$reply['content'], $matches) ) {
			$matches = $matches[1];
			$matches = array_unique($matches);
			if ( $matches ) {
				$atuids = '';
				$query = $db->query("SELECT userid FROM ".tname('comment')." WHERE id IN (".simplode($matches).")");
				while ( $row = $db->fetch_array($query) ) {
					if ( $row['userid'] ) {
						$atuids .= ",$row[userid]";
					}
				}
				if ( !empty($atuids) ) {
					$reply['atuids'] = $atuids.',';
				}
			}
		}		
		$db->insert('comment', $reply);
		$db->query("UPDATE ".tname('post')." SET comments = comments + 1 WHERE id = ".intval($_POST['postid']));
		$db->query("UPDATE ".tname('user')." SET comments = comments + 1 WHERE id = '$_USER[id]'");
		do_action('comment_reply_submit', $reply);
		redirect('?mod=comment');
	}
	
	$comment = $db->fetch_one_array("SELECT * FROM ".tname('comment')." WHERE id = '".intval($_GET['id'])."'");
	$comment['content'] = apply_filter('comment_content',$comment['content']);
	$content = '[re='.$comment['id'].','.$comment['author'].']';
	do_action('comment_reply', $comment);

//审核评论
} elseif ($ac == 'pass' || $ac == 'nopass') {
	
	check_perm_prompt('comment','check');
	
	$val = $ac == 'pass' ? 1 : 0;
	$ids = $_POST['id'] ? $_POST['id'] : array($_GET['id']);
	filter_ids($ids);
	if ( $ids ) {
		$db->update('comment', array('status'=>$val), array('id'=>$ids));
		$postids = array();
		$query = $db->query("SELECT postid FROM ".tname('comment')." WHERE id IN (".simplode($ids).")");
		while ($row = $db->fetch_array($query)) {
			$postids[] = $row['postid'];
		}
		$postids = array_unique($postids);
		foreach ( (array)$postids as $postid ) {
			recount_comment($postid);
		}
	}
	do_action('comment_'.$ac, $ids);
	redirect($_USER['refer']);
	
//删除评论
} elseif ($ac == 'delete') {
	
	check_perm_prompt('comment','del');
	
	$ids = getGP('id','P','array');
	if ( empty($ids) ) $ids = array(intval($_GET['id']));
	if ( $ids ) {
		foreach ( $ids as $id ) {
			delete_comment($id);
		}
	}
	do_action('comment_delete', $ids);
	redirect($_USER['refer']);
	
}

include admin_tpl('comment');
?>